Enormous Yahoo Data Breach with Usernames, Passwords, Dates of Birth

The BBC is reporting that there seems to have been a massive data breach of 200 million Yahoo accounts, with the data – which appears to be from 2012 – being offered for sale for 3 bitcoins ($1805 USD).

According to the BBC article, from a sample of 5000 of the 200 million account credentials being offered for sale by the hacker, who goes by the name of “Peace” and who has also been tied to massive hacks of LinkedIn and MySpace, Motherboard tested a sample of about two dozen and found them to be legitimate, meaning that they were real accounts, and the credentials worked to log into them.

Read Internet Patrol Articles Right in Your Inbox as Soon as They are Published! Only $1 a Month!
Imagine being able to read full articles right in your email, or on your phone, without ever having to click through to the website unless you want to! Just $1 a month and you can cancel at any time!
Or get notified of new Internet Patrol articles for free!

In a statement, Yahoo said that “Yahoo works hard to keep our users safe, and we always encourage our users to create strong passwords, or give up passwords altogether by using Yahoo Account Key, and use different passwords for different platforms.”

 

However, while the passwords are hashed, Peace has also published the algorithm used to hash the passwords. So, even if you have “created strong passwords” there’s no guarantee that your data will be protected from this sort of breach.

As security expert Professor Alan Woodward points out in the BBC article, “The algorithm MD5 is considered to be weak, and for the vast majority of passwords it is easy to reverse what it was using what we call a dictionary attack.”

 

So, if you have a Yahoo account, it’s time to go change your password. Or, to close it.

No Paywall Here!
The Internet Patrol is and always has been free. We don't hide our articles behind a paywall, or restrict the number of articles you can read in a month if you don't give us money. That said, it does cost us money to run the site, so if something you read here was helpful or useful, won't you consider donating something to help keep the Internet Patrol free? Thank you!

Get notified of new Internet Patrol articles!
Summary
Enormous Yahoo Data Breach with Usernames, Passwords, Dates of Birth
Article Name
Enormous Yahoo Data Breach with Usernames, Passwords, Dates of Birth
Description
The BBC is reporting that there seems to have been a massive data breach of 200 million Yahoo accounts, with the data - which appears to be from 2012 - being offered for sale for 3 bitcoins ($1805 USD).
Author

One Reply to “Enormous Yahoo Data Breach with Usernames, Passwords, Dates of Birth”

  1. I don’t know if it helps my security but I never bank online and I try not to hand out my cc number any more than absolutely necessary.

Leave a Reply

Your email address will not be published. Required fields are marked *